Fake porn apps holding Android phones for ransom

Android users hoping to get a free look at naked ladies have been caught with their pants down after two fake porn apps have wreaked havoc with their phones.

Adult Player and Porn Droid claim to be apps that allow you to view pornography, but once you install them and click through a few seemingly harmless permissions that give admin access to the phone, they restrict access to it and demand money to make it usable again.

Uncovered by cybersecurity firm Zscaler, Adult Player takes over the phone's front-facing camera and takes photos of the user. Then, the app locks down the phone and displays a message with a photo of the user, demanding US$500 be sent via PayPal to have the phone unlocked.

That is unless the person had disrobed beforehand to have a more hands-on experience with the app.

Meanwhile, Porn Droid contains a trojan that changes the phone's PIN, researchers at the cybersecurity firm ESET discovered. Then the app displays a fake FBI warning saying the device has content from "forbidden pornographic sites" and demands a $500 "fine" be paid in three days.

"After clicking on the button, the user's device is doomed," he wrote. "The trojan app has obtained administrator rights and now can lock the device. And even worse, it sets a new PIN for the lock screen."

Adult Player and Porn Droid are recent examples of ransomware, a type of high-tech blackmail scheme where money is extorted out of people by restricting access to a computer and threatening to erase its content or release the user's personal information.

The practice can be traced back to at least 1989, when Dr. Joseph Popp sent out what appeared to be a floppy disk with information about the AIDS virus to a World Health Organization mailing list. Once loaded, the disk would rename the drive's files, making them inaccessible. Users had to mail US$189 to a post office box in Panama to get a decryption key.

Ransomware has evolved and has become more common over the last few years.

According to research obtained by The New York Post, ransomware attacks have increased 127% since 2004.

But paying the ransom doesn't always work. Some people who forked over the money to the Adult Player developer reportedly still didn't get back access to their phones. If you download the app, you can restart your phone in safe mode and then uninstall it.

For Porn Droid it's a little more complicated. Unless you had previously rooted your phone and have anti-malware software installed, you will likely need to do a hard reset, returning your phone to factory settings - meaning you will lose all your data.

And then, for your porn, maybe just stick to Google.

WHAT IS RANSOMWARE?

Ransomware is malicious software that locks down a computer, often by encrypting files, and then demands the user pay money to regain access to it. It is often a "trojan" -- malware that disguises itself as a legitimate program.

Though it can be traced back to the 1980s, ransomware didn't really start to gain popularity until the mid-2000s alongside the rise of digital currency bitcoin and electronic payment services, making the extortion easier. The target devices have spread from computers to mobile devices as well.

HOW TO PROTECT YOURSELF

Like with any software, be careful with what you're downloading and have an up-to-date antivirus program on your device to catch the malicious software before it's installed. For smartphone and tablet users, if it's not from the official Google or Apple app stores, search the name of the app online to make sure it's safe to install.

If your mobile device does get infected, you may be able to start the phone in safe mode - which only loads the phone's core apps - and delete the program. Or you may need to return the phone to its factory settings - which is the equivalent of reinstalling the operating system, and you will lose all your data.